(De-)Constructing Attacker Categorisations: A Typology Iteration for the Case of Digital Banking

Caroline Moeckel

Research output: Contribution to journalArticlepeer-review


This article appears in the J.UCS Special Issue on Information Security Methodology, Replication Studies and Information Security Education. In this extended and updated paper (based on the author's paper presented at the 1st International Workshop on Information Security Methodology and Replication Studies, co-organised with ARES 2019), the experimental construction of a new attacker typology grounded in real-life data is proposed, using grounded theory analysis and over 300 publicly available documents containing details of digital banking related cybercrime and involved attackers. Seven attacker profiles forming the typology specific to the case of digital banking are presented. An initial light-touch evaluation approach based on peer review feedback and basic heuristics is suggested. A short excursus on circumplex models is added to address this visualisation tool used across past categorisation efforts.
Original languageEnglish
Pages (from-to)783-804
Number of pages22
JournalJournal of Universal Computer Science
Issue number7
Publication statusPublished - 28 Jul 2020

Cite this